Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/t_7_bo1--UGtQepZrG8GLJQxcEo.roa
File: t_7_bo1--UGtQepZrG8GLJQxcEo.roa (raw, json)
Hash identifier: 0W27Cx4o2gofd/gZRWD+r/yI3udkTKxzd3bjiOLIXww=
Subject key identifier: B7:FE:FF:6E:8D:7E:F9:41:AD:41:EA:59:AC:6F:06:2C:94:31:70:4A
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0188B1D0143E73894B1691D6D94F869FF4D6
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/t_7_bo1--UGtQepZrG8GLJQxcEo.roa
Signing time: Mon 12 Jun 2023 22:53:03 +0000
ROA not before: Mon 12 Jun 2023 22:53:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28964
IP address blocks: 178.254.164.0/24 maxlen: 24
178.254.166.0/24 maxlen: 24
178.254.160.0/23 maxlen: 23
178.254.162.0/24 maxlen: 24
5.172.32.0/24 maxlen: 24
178.254.167.0/24 maxlen: 24
178.254.178.0/24 maxlen: 24
178.254.174.0/24 maxlen: 24
178.254.173.0/24 maxlen: 24
178.254.185.0/24 maxlen: 24
109.111.255.0/24 maxlen: 24
89.23.94.0/23 maxlen: 23
109.111.242.0/24 maxlen: 24
109.111.241.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.251.0/24 maxlen: 24
89.23.64.0/24 maxlen: 24
185.157.45.0/24 maxlen: 24
185.157.46.0/24 maxlen: 24
185.157.47.0/24 maxlen: 24
89.23.72.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 20 Oct 2023 11:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b1:d0:14:3e:73:89:4b:16:91:d6:d9:4f:86:9f:f4:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jun 12 22:53:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7feff6e8d7ef941ad41ea59ac6f062c9431704a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d0:3d:87:99:62:d8:18:bf:5a:fe:e4:41:56:
3c:c5:bf:77:6f:e2:e2:d8:86:2d:a8:19:97:f8:44:
22:cd:c5:ed:ab:c3:46:97:fb:4e:f9:81:fe:39:e9:
ab:5d:88:9c:ad:f3:f4:28:a9:3d:42:db:bb:35:9b:
ff:0f:46:fe:98:af:8a:c2:87:3c:d2:06:8d:cd:f5:
9c:b4:9c:f9:9e:21:0b:af:f5:23:21:f8:c8:ef:88:
8f:4b:00:d3:64:c2:ed:e3:6f:5a:8d:30:cc:8f:8b:
6a:95:a2:44:ac:64:34:f6:3a:ee:96:55:5e:e9:11:
0c:33:8f:a2:15:d3:2a:85:d4:83:a2:f9:e4:2d:e3:
a7:38:9a:f4:04:b3:c7:bf:d9:63:5b:22:93:9c:c2:
00:b1:11:b6:57:fa:75:29:ed:d3:be:a8:63:f6:29:
0d:fd:01:b8:3b:f1:c0:2f:b4:be:90:42:2c:90:29:
1e:db:5d:29:00:74:98:23:c8:7f:a8:28:75:1a:63:
94:c0:8f:f5:6f:52:9a:8d:7a:0a:0a:4b:c5:f6:40:
56:64:b6:76:e7:82:b7:ff:31:c6:7d:89:a6:ec:26:
67:b3:a2:a9:80:a5:25:1a:ca:a1:f9:01:80:6d:76:
e2:d1:8e:72:c0:8c:15:d3:77:c6:3b:35:9f:c8:a0:
98:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:FE:FF:6E:8D:7E:F9:41:AD:41:EA:59:AC:6F:06:2C:94:31:70:4A
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/t_7_bo1--UGtQepZrG8GLJQxcEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.32.0/24
89.23.64.0/24
89.23.72.0/23
89.23.94.0/23
109.111.241.0-109.111.242.255
109.111.249.0/24
109.111.251.0/24
109.111.255.0/24
178.254.160.0-178.254.162.255
178.254.164.0/24
178.254.166.0/23
178.254.173.0-178.254.174.255
178.254.178.0/24
178.254.185.0/24
185.157.45.0-185.157.47.255
Signature Algorithm: sha256WithRSAEncryption
69:5e:db:4a:7c:2b:3c:51:0f:6f:e9:d3:b9:ce:18:27:13:c9:
09:50:2e:47:df:51:2e:e0:bd:fd:ae:58:01:54:80:b5:29:ea:
21:12:91:f3:70:07:82:77:88:cf:eb:f0:1f:bf:eb:f8:4e:d6:
09:6f:6e:1e:c9:c2:2c:49:62:d3:e5:eb:e4:77:6d:12:28:e5:
99:e5:cd:60:ef:53:8a:ad:7b:b8:f0:0d:d2:e4:ae:a2:62:7a:
91:32:4b:5d:a8:7c:9e:3c:63:07:ef:c1:39:99:c8:f4:63:4c:
35:ea:2d:95:99:34:17:37:75:54:26:6b:90:fa:0a:ee:b5:1a:
d0:d0:00:d3:55:c7:c3:76:fc:c6:98:64:93:c2:95:15:8b:d8:
d2:58:c5:1a:b2:3a:0f:ff:8b:df:be:74:1b:39:ce:fa:a8:ac:
31:be:0b:c1:db:ec:46:5c:bc:6c:2c:e0:93:45:50:9e:d1:db:
fd:5e:fc:b6:33:e8:13:d6:5c:cd:51:51:b9:bf:35:8d:40:82:
f7:a3:29:3f:54:12:e8:fb:81:7e:f0:cc:1d:0c:f5:11:ec:cf:
5a:f9:6c:e6:df:e9:d0:6b:0a:81:4d:56:c8:7b:42:46:59:65:
37:c6:64:18:e6:33:96:a1:ac:26:20:e0:dd:a6:c8:53:e1:ba:
48:9d:d4:80
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYix0BQ+c4lLFpHW2U+Gn/TWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMwNjEyMjI1MzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2ZlZmY2ZThkN2VmOTQxYWQ0MWVhNTlhYzZmMDYyYzk0MzE3MDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9A9h5li2Bi/Wv7kQVY8xb93b+Li
2IYtqBmX+EQizcXtq8NGl/tO+YH+OemrXYicrfP0KKk9Qtu7NZv/D0b+mK+Kwoc8
0gaNzfWctJz5niELr/UjIfjI74iPSwDTZMLt429ajTDMj4tqlaJErGQ09jrullVe
6REMM4+iFdMqhdSDovnkLeOnOJr0BLPHv9ljWyKTnMIAsRG2V/p1Ke3Tvqhj9ikN
/QG4O/HAL7S+kEIskCke210pAHSYI8h/qCh1GmOUwI/1b1KajXoKCkvF9kBWZLZ2
54K3/zHGfYmm7CZns6KpgKUlGsqh+QGAbXbi0Y5ywIwV03fGOzWfyKCYOwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFLf+/26NfvlBrUHqWaxvBiyUMXBKMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvdF83X2JvMS0tVUd0UWVwWnJHOEdMSlF4Y0VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAAWs
IAMEAFkXQAMEAVkXSAMEAVkXXjAMAwQAbW/xAwQAbW/yAwQAbW/5AwQAbW/7AwQA
bW//MAwDBAWy/qADBACy/qIDBACy/qQDBAGy/qYwDAMEALL+rQMEALL+rgMEALL+
sgMEALL+uTAMAwQAuZ0tAwQEuZ0gMA0GCSqGSIb3DQEBCwUAA4IBAQBpXttKfCs8
UQ9v6dO5zhgnE8kJUC5H31Eu4L39rlgBVIC1KeohEpHzcAeCd4jP6/Afv+v4TtYJ
b24eycIsSWLT5evkd20SKOWZ5c1g71OKrXu48A3S5K6iYnqRMktdqHyePGMH78E5
mcj0Y0w16i2VmTQXN3VUJmuQ+grutRrQ0ADTVcfDdvzGmGSTwpUVi9jSWMUasjoP
/4vfvnQbOc76qKwxvgvB2+xGXLxsLOCTRVCe0dv9Xvy2M+gT1lzNUVG5vzWNQIL3
oyk/VBLo+4F+8MwdDPUR7M9a+Wzm3+nQawqBTVbIe0JGWWU3xmQY5jOWoawmIODd
pshT4bpIndSA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org